ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Security threats Toolkit

Breaking Windows for better security

Ina Fried CNET News.com

Published: 21 Jun 2005 12:55 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

As a result, Anderson and his team walked away with some concrete ideas on how to make sure future versions of Windows are more resilient to wireless attacks. He also left the room with a new respect for the hackers behind the demonstration.

"It's not just a bunch of disaffected teenagers sitting in their mother's basement," he said. "These are professionals that are thinking about these issues."

The hackers, for their part, seemed equally impressed with the technical knowledge of the senior executives they encountered.

At one point, researcher Matt Conover was talking about a fairly obscure type of problem called a heap overflow. When he asked the crowd, made up mostly of vice-presidents, whether they knew about this type of issue, 18 of 20 hands went up.

"I doubt that there is another large company on this planet that has that level of technical competency in management roles," Moore said.

Yet regardless of the mutual admiration, some tense moments were inevitable during the confrontation.

Microsoft developers, for instance, were visibly uncomfortable when Moore demonstrated Metasploit — a tool that system administrators can use to test the reliability of their systems to intrusion. But Metasploit also includes a fair number of exploits, as well as tools that can be used to develop new types of attacks.

"You had these developers saying, 'Why are you giving the world these tools that make it so easy to do exploitation?'" Kaminsky said. They calmed down, he said, once the researchers were able to state their case.

"We do regression testing in the real world of software development," Kaminsky said. "If we say, 'This thing isn't going to break,' then we need to test that. What these tools give is the ability to do this kind of testing, to be able to say not just, 'We did the best we could,' but 'We tried stuff and nothing worked.'"

Next

Previous

1 2 3 4 5


  • Email
  • Trackback
  • Clip Link
  • Print friendly Print with Dell

Did you find this article useful?
258 out of 532 people found this useful


Talkback

Post a comment


Full Talkback thread

2 comments

  1. If security is really that important to Microsoft... Arthur B.
  2. How would the world fare if the black hats de... Mark

Related Links

More In Security threats



Company/Topic Alerts

Create a new alert from the list below:







Related Jobs

C++, C# / Delphi Researcher / Developer - South Oxford

My client is seeking an outstanding degree or postgraduate qualified candidate, in a computing, scientific or numerate discipline. My client is a ...

Graduate Opportunites

We call this way of working the collaborative business experience. Youll discover we are diversely talented, closely-knit teams, with a truly ...

User Experience Researcher London - 50k

Key Client of Huxley Associates is currently looking for an experienced User Experience Researcher to perform the following duties: -Develop and ...

Featured Talkback

What was achieved there is recognised to be of fundamental importance to both winning the war (Churchill visited to say 'thank you' to them) and the development of the computer. Maybe Bill Gates doesn't want to support this museum because it underlines where electronic computing started i.e. here, not the U.S.

By: 1000103773

Read full story:
Bletchley Park faces bleak future

Sentry Posts Blog

Mobile Security Expert: Your Camera Ph...

Mobile Security Expert: Your Camera Phone Got Hacked Author: Eric Everson, Founder MyMobiSafe.com Have you ever heard someone say “I’d like to be a fly on the wall in that room.”?... More

Post a comment

Skype - The Roach Motel

Here is an interesting article from The National Business Review, pointing out once again that you can never delete a Skype account. Never. Period. This is something I am familiar... More

Post a comment

The vPhone: Why Visa Should Go Mobile

The vPhone: Why Visa Should Go Mobile Author: Eric Everson, Founder MyMobiSafe.com With all of the success of Apple’s iPhone, there is a growing case to support a company like Visa... More

Post a comment

Featured Oracle Resources

businessfirst: Ideas to help small companies retain their successful entrepreneurial spirit

Oracle ONE Magazine: Technology solutions for midsized businesses February 2008 edition

Choosing a Reliable and Powerful IT Infrastructure at a Price You Can Afford

Database Consolidation: Reducing Cost and Complexity

Ensuring Data Protection for Growing Business

Oracle for medium and emerging businesses: protect, strengthen and enhance your organisation

Oracle partner network solutions catalogue

See All White Papers